FAQ

Here are some answers to the most frequently asked questions about BMC Helix Service Management containers.

Frequently asked questions about licenses, assistance, and subscription

This section provides answers to frequently asked questions about BMC Helix Service Management licenses, installation assistance, and education subscription.

How do I get a licence for the BMC Helix Service Management product?

You can obtain the license from the BMC Support Central site.

For information about how to obtain a license, see Obtaining-license-keys.

How do I get installation and migration assistance?

BMC Customer Success offers multiple Success Subscriptions to assist you.

See Success Subscriptions.

Does BMC offer any education subscriptions?

Yes. See BMC Education Subscription Services.

Frequently asked questions about sizing and system requirements

This section provides answers to frequently asked questions about sizing and system requirements to install BMC Helix Service Management.

Sizing requirements

I am unsure about the sizing of the BMC Helix Service Management on-premises platform. How do I get advice?

See Sizing-and-scalability-considerations.

Software requirements

Do I need separate servers for installing Git, Ansible and Jenkins?

No. You don't need separate servers for installing Git, Ansible, and Jenkins. You can install and set them up on a single server.

See Setting up BMC Deployment Engine.

Can I use Harbor and Jenkins without SSL certificates?

Yes. You can use Harbor and Jenkins without Secure Sockets Layer (SSL) certificates.

For more information, see Setting-up-a-Harbor-repository-to-synchronize-container-images.


What is the difference between BMC Support Assistant tool and BMC Helix Logging?

BMC Support Assistant tool collects BMC Helix Innovation Suite application related logging whereas BMC Helix logging collects critical BMC Helix Innovation Suite and common services related information.

Is the zero downtime upgrade supported?

Yes. See Zero-downtime upgrade for BMC Helix Innovation Suite and applications

 in BMC Helix Innovation Suite documentation.

Can I reuse the same Jenkins server for an upgrade?

Yes. You can modify or create Jenkins pipelines.

Can I use a single BMC Deployment Engine for multiple deployments?

Yes. You can use a single BMC Deployment Engine for multiple deployments provided you update the kubeconfig and relevant parameters.

Important: We recommend dedicated BMC Deployment Engines for each BMC Helix Service Management instance.

Does Helix OnPrem support a single Helix Portal (Common Services) with ITSM and ITOM?

Yes, this is possible. For more information, contact BMC Support

Do I need to specify a separate database server hostname for BMC Helix Single Sign-On?

No. The deployment manager script deploys a PostgreSQL database and BMC Helix Single Sign-On Tomcat internally to the Kubernetes cluster.

Can I use latest versions software for Kubernetes, Helm, and Docker?

You might encounter issues with unsupported versions. For information about the supported versions, see System-requirements.

Does BMC provide Docker files for each container image?

BMC does not provide a Docker manifest for the container images. You can synchronize the container images in BMC DTR to a local container repository.

See Setting-up-a-Harbor-repository-to-synchronize-container-images.

Will database dumps with application sample data be provided?

BMC provides the database dumps required for BMC Helix Service Management installation. However, database dumps of a sample application data are not provided.

Is the container and Kubernetes orchestration based on-premises deployment of BMC Helix Service Management supported on Windows?

BMC Helix Service Management containers use Linux operating system. The container host systems must have Linux operating system as the kernel is shared between the host and container.

It is theoretically possible to run a Linux virtual machine on a Windows host and deploy Kubernetes across the virtual machine and run Linux containers. However, BMC does not recommend such deployment architecture and does not provide deployment sizing guidelines for such configurations.

Does the database tier in the BMC Helix IT Service Management deployment runs in a container?

No. The database tier in the BMC Helix Service Management deployment does not run in a container.

What are the formats or standards used by the BMC Helix Innovation Suite platform and service Management applications containers?

BMC Helix Innovation Suite platform and Service Management application containers are based on Docker and they leverage Kubernetes orchestration layer.

After one deployment, can BMC Deployment Engine be reused for the next deployment?

Yes. The same Deployment Engine setup (Jenkins) can be used to deploy different environments of the same version, such as Dev, QA, and production.

For more information, see Setting-up-the-deployment-input-configuration-file.

Is it enough to set up a single Deployment engine, which will be applicable to both non production and production deployment?

Yes. The same Deployment Engine setup (Jenkins) can be used to deploy multiple instances of the same version.

For more information, see Setting-up-the-deployment-input-configuration-file.

Should the deployment engine be kept after the initial deployment is done? Will it be used for further upgrade of Helix Innovation Suite?

Yes, The same Deployment Engine setup ( Jenkins) can be used to deploy patches and updates; hence may be retained or recreated when needed.

For more information, see Setting-up-the-deployment-input-configuration-file.

Where do I use the database dump artifacts downloaded from the EPD site?

If you decide not to use PostgreSQL database, you must import either the Microsoft SQL or Oracle database dumps before you begin the deployment.

See Setting-up-a-Microsoft-SQL-Server-database and Setting-up-an-Oracle-database.

How do I update an expired certificate?

Update an expired certificate on BMC Helix Platform based on the type of CA-signed certificate you are using, Public Certificate Authority (CA) or custom CA-signed certificates.

See Updating expired certificates in BMC Helix IT Operations Management deployment documentation.

Kubernetes cluster requirements

Do I have Horizontal Pod Autoscaling for both platform services and BMC Helix Innovation Suite?

No. Horizontal Pod Autoscaling is supported only for platform services.

Where will the data lake components such as Kafka, Elasticsearch, and Redis be installed?

The storage class for the data lake components is external to the cluster.

How can I increase the number of containers or pods?

You can increase the number of containers by scaling the Kubernetes cluster.

What is the difference between an Nginx Ingress controller (internal to the cluster) and a network load balancer (external to the cluster)?

Nginx Ingress controller is used for load balancing services in Kubernetes whereas a network load balancer is used to distribute the load of incoming requests.


Network requirements

What types of load balancers are supported?

All load balancers that meet the following requirements are supported:

  • SSL pass-through to offload at the Ingress Controller
  • Allow X-Forwarded- Headers Upstream of Ingress
  • Unaltered response redirects
Are application DNS aliases required before running installation?

Yes. All DNS aliases should be set up before the installation and resolved to the network load balancer.

Frequently asked questions about environment security

This section provides answers to frequently asked questions about BMC Helix Service Management environment security.

Should I update the default passwords after installation?

BMC recommends to update the default passwords for the products, virtual machines, and databases to prevent any security issues. 

Do any of the logs contain sensitive, personal, or tax related data?

BMC does not allow any personal information to be stored in the logs.

Does BMC support a Key Management System?

No. BMC does not support a Key Management System.

Are the container images secure and scanned?

BMC uses the base images which are scanned regularly. BMC ensures that a high level of security is met.

Does the BMC Helix Service Management installation uses any ports numbers below 1024?

BMC Helix Service Management installation does not use any ports numbers below 1024 except port 443. Port 443 is used for HTTPS.

Do the pods use configmaps and secrets to pass sensitive parameters such as credentials or passwords?

Yes. The pods use configmaps and secrets to pass sensitive parameters such as credentials or passwords.

Frequently asked questions about BMC Helix Service Management components

This section provides answers to frequently asked questions about BMC Helix Service Management components.

Is BMC Helix ITSM: Smart Reporting also containerized?

Yes. You can install BMC Helix ITSM: Smart Reporting if you have opted for Smart Reporting extended support.

For more information, see Downloading-the-installation-files.

Are AR System, BMC Helix Innovation Studio, and BMC Helix Digital Workplace Catalog all merged into one instance, so that only 1 instead of 3 platform installations are necessary and all applications run on this one platform instance?

Yes. All Service Management applications run on the BMC Helix Innovation Suite platform.

For more information, see Downloading-the-installation-files.

Is it mandatory that BMC Helix Innovation Suite, BMC Helix Platform, BMC Helix Logging must be bundled together? For example, is it possible to setup a single BMC Helix Platform or BMC Helix Logging to support multiple BMC Helix Innovation Suite?

Yes. Multiple BMC Helix ITSM and Helix Platform namespaces can use same Helix Logging Namespace. Only one helix logging namespace is recommended per cluster.

For more information, see Setting-up-the-installation-environment.

Can we separately restart the AR Server, Mid-Tier and other components?

AR server, FTS server (Platform Rank server), mid-tier, and so on are all separate services.

To trigger rolling restart, you must change the value of the triggerUpgrade variable to any value of your choice that triggers restart. This variable is exposed in the values.yaml file and is referred in various specs, such as statefulset or deployment.

How to form a server group for ITSM?

All containers are part of the same server group. You don’t have to anything specific to make them part of the server group.

How to identify the individual components installed in different worker nodes?

You can know which pod is running in the namespace by using one of the following ways:

  • If you are consuming the Prometheus metrics from Kubernetes, you can scrape the metrics to know which pod is running in the namespace.

  • You can run the following command that will list the pods you have and the worker nodes that are running.

    kubectl -n <namespace> get po -o wide
How to rank the operations within ITSM?

The ranking is governed through AR system operations ranking. On startup, container bootstrap script only assigns default ranking for the first time pod comes up. From that point on, the ranking changes are retained.

Is there an option to shutdown and start the entire ITSM application?

If you scale down all the pods to zero, the ITSM application will stop.

Can I scale up and scale down the application pods and nodes based on the utilization?

Auto scaling is not supported currently for both pods and nodes. 

What components are covered during the BMC Helix Service Management upgrade?

The BMC Helix Service Management upgrade includes the latest patches for the following components:  

  • BMC Helix ITSM 
  • BMC Service Level Management 
  • BMC Service Request Management 
  • Mid-Tier (AR System) 
  • BMC CMDB 
  • BMC Helix ITSM: Smart Reporting 
  • BMC Helix Digital Workplace Basic 
  • BMC Helix Digital Workplace Advanced 
  • BMC Helix Digital Workplace Catalog 
  • BMC Live Chat 
  • BMC Helix ITSM: Smart IT 

If you are using BMC Helix Innovation Suite or applications based on it, then the upgrade also includes: 

  • BMC Helix Innovation Studio 
  • BMC Helix Business Workflows  
  • BMC Helix Multi-Cloud Broker 

  • BMC Helix ITSM: Smart Reporting for these BMC Helix Innovation Suite components

    Important

    You can install BMC Helix ITSM: Smart Reporting if you have opted for Smart Reporting extended support.

Single applications or modules are not upgraded separately during the upgrade. As part of the upgrade, all components are moved to a single instance of BMC Helix Service Management.  

Is BMC changing the APIs?

BMC has not made any changes to the existing APIs. Any code that you have built on previously existing APIs should continue to work in the new release.  

There are minor authentication related changes to the APIs. For more information on the authentication related changes, see the following links:

Access and authentication for the REST API and Overview of the REST API in BMC Helix Innovation Suite documentation.

We have added some new, simplified REST APIs for specific ITSM objects, such as incidents, problems, change requests.

See Overview of the simplified REST API in BMC Helix ITSM documentation.

Will my customized OOTB reports in Smart Reporting be available and working after an upgrade?

Yes. We recommend not changing the OOTB (out-of-the-box) reports provided in BMC Helix ITSM: Smart Reporting. Always make a copy of the OOTB reports and then make the necessary changes. If you followed this approach, your reports would continue to work. If you modified the OOTB reports, they would not work post upgrade. Please make sure you create copies of all modified OOTB report before the upgrade starts.


Here are some answers to the most frequently asked questions about the BMC Helix IT Operations Management containers.

BMC Helix Operations Management


Can we import BMC Helix Operations Management policies from a file?

Yes, please contact BMC Support.


Can we generate a PATROL Agent Report of all agents BHOM tenant in csv file format?

Yes, please contact BMC Support.


Device Report generated of BMC Helix Operations Management tenant to csv ?

Yes, please contact BMC Support.


Can we test connectivity between a host and the target BHOM tenant?

Yes, please contact BMC Support.


Can we generate a solution deployment report detailing all solutions and versions deployed to PATROL Agents that match the given regex pattern?

Yes, please contact BMC Support.


How to move PATROL Agents from one Helix instance to another?

See, Migrating PATROL Agents from TSOM to BHOM and Migrating PATROL Agents in the BMC PATROL Agent for BMC Helix Operations Management documentation.


What are the supported versions of PATROL Agents for BHOM?

See, BMC PATROL Agent documentation.


Where are details for Monitoring Solutions for BMC Helix Operations Management?

See, Monitoring solutions in BMC Helix Operations Management in the BMC Infrastructure Management-PATROL Repository documentation.


What are the supported versions of the Infrastructure Components?

See, System-requirements.


Does BMC Helix support Forward Proxy for PATROL Agents?

Yes, we have documented an example using Squid. However, you can utilize your own forward proxy. Discuss it with your Network Administrator.

For more information, see Configuring a Squid proxy server in the BMC PATROL Agent for BMC Helix Operations Management documentation.


BMC Helix Intelligent Integrations


How is high availability achieved for the BMC Helix Intelligent Integrations on-premises gateway?

You can achieve high availability for the on-premises gateway by deploying it in an active-passive high availability configuration. The MinIO instance available in the BMC Helix IT Operations Management on-premises deployment is used as the backup and restore location of the on-premises gateway.

For more information, see Configuring the on-premises gateway for high availability in the BMC Helix Intelligent Integrations documentation.


Certificates


Can we use self-signed or custom CA certificates?

Yes, for more information, see Using-custom-CA-signed-certificates.


How do I get a Certificate Authority (CA) signed certificate for load balancer configuration?
  1. Create a certificate signing request (csr) file by using OpenSSL.
  2. Submit the file <your.domain.com>.csr to your CA and request a signed certificate.
  3. Import the CA's reply.


Disaster recovery


How can I define a URL for the MinIO on my standby site for replication when the MinIO on my primary and standby sites is deployed with the same URL?

Perform the following steps on the standby site:

  1. To get the MinIO Ingress rule, run the following command:

    kubectl -n <namespace> get ing | grep ^minio

    <namespace> is the namespace where you deployed BMC Helix ITOM.
    Sample output:

    # kubectl -n ITOM-namespace get ing | grep ^minio
    minio                                                  <none>   serta-minio.adeonprem.bmc.com       172.20.112.175                      80      20d
    minio-api                                              <none>   serta-minio-api.adeonprem.bmc.com   172.20.112.175                      80      20d
    #
  2. Create new MinIO Ingress rules for minio and minio-api.
    For example:  
     serta-minio-India.adeonprem.bmc.com 
    serta-minio-India-api.adeonprem.bmc.com
  3. Use new MinIO Ingress rules to define the URL for the MinIO on the secondary site for replication.
What are the prerequisites to enable Disaster Recovery (DR)?

DR requires additional storage and CPU/Memory resources for backups.
See Sizing-and-scalability-considerations for additional resources required for DR.


Which version of the product supports DR?

DR is supported from version 23.4.00, but the most recommended version is 24.2.00.


What are the additional resources required for DR?

See the Sizing and scalability considerations for additional resources required for DR.
Important: The actual storage requirement depends on the stack and data. Hence, further fine-tuning might be required. 


Can I use NFS as a storage provider for DR??

No, NFS is not a supported storage provider for DR.
NFS does not provide the required performance support. Also, the PVC size increments are not supported for NFS-backed storage.


What are the RPO and RTO numbers supported by BMC?

See Sizing-and-scalability-considerations.


What should be the resource requirement for the standby site?

Both primary and standby sites should be deployed with the same resources and sizing.
See Configuring-disaster-recovery.


Will there be any downtime while enabling backups?

It takes about 30 minutes to enable backup. This process restarts storage components such as MinIO, PostgreSQL, and VictoriaMetrics.
Though you don’t require explicit downtime, we recommend enabling the backups during low-load conditions.


Will there be any impact on application performance when the backups are running?

DR is configured to run a single full backup in a day, and the rest will be incremental backups.
No major performance impacts were observed during backups performed in BMC’s test labs.


Is there any general recommendation from BMC to enable backups?

The first backup is a full backup and will take longer than the incremental backups. Therefore, we recommend that you enable the backups during low-load hours.


Can I enable backups when I have not created the standby site?

You can enable backups without a standby site, but backups will be stored on the local cluster and will not provide any protection against cluster failure. 


Is Point-in-time recovery (PITR) supported by DR?

No. Currently, PITR is not supported by DR.

Should I perform any manual steps before enabling the backups?

There are a few manual steps required apart from modifying the disaster-recovery.config file.
See Configuring-disaster-recovery for detailed steps.


Should I modify any configuration file before enabling the backups?

Yes, disaster-recovery.config file serves as an input file for DR configurations.


What are the steps to enable the backups?

See “To configure data backup on the primary site” in the Configuring-disaster-recovery topic.


Can I enable backups for partial or specific components?

No, currently we do not support backup of specific components.


How long will it take for backups to get configured?

Configuring backups for DR takes around 15-30 minutes, depending upon the cluster size.


How does the backup scheduling work?

As part of the configuration, you must provide a backup interval in hours (DR_BACKUP_INTERVAL_IN_HOUR). All the backups are scheduled based on the cron scheduling format.
For example, if you set the value of the DR_BACKUP_INTERVAL_IN_HOUR parameter to 1 hour, data backup is performed at the start of every hour according to the cron schedule (0 */1 * * *).


When will my first backup get triggered?

If your current cluster time is 2:15 P.M. on November 2, and you set the value of the DR_BACKUP_INTERVAL_IN_HOUR parameter as 1 hour

  1. The first backup will occur at 3:00 P.M. This backup will be a complete data backup.
  2. Subsequent backups will occur at 4.00 P.M., 5.00 P.M., 6.00 P.M., and so on. These backups will be incremental.
  3. At 3:00 P.M. on November 3, a complete data backup will occur.


How can I confirm that the backups are successful?

If a backup fails, an email gets triggered to the operator’s email ID specified during the stack deployment.
You can also find the backup status from MinIO. See the <bucket name>/<site name>/backupStatus/backup.log file for backup status and logs.


Will I receive a notification about the success or failure of backups?

For successful backups, you will not get any notification. If a backup fails an email notification is sent to the operator’s email ID that was defined during stack deployment.


How can I monitor the storage utilization of backups?

Go to the Object Browser on the MinIO console to check the data size uploaded to MinIO.  To check the actual storage utilization, go to the Monitoring tab on the MinIO console.


Can I temporarily disable the backups?

Yes, you can disable backups. For more information, see Configuring-disaster-recovery.


Can I customize the retention period of the backups?

Yes, you can set the retention period in the disaster-recovery.config file. For more information, see Configuring-disaster-recovery.


Should I disable backups during upgrades or while applying hotfixes?

Data backup is automatically disabled during an upgrade. You must enable backups after the upgrade. For more information, see Configuring-after-upgrade.

Before applying a hotfix, you must disable the data backup.


What should I do if my backups are not running?

Backups may fail due to multiple reasons. Please check back.log and take appropriate action. 


What are the guidelines for installing a standby site?

See the topic Configuring-disaster-recovery.


Is there a way I can save the resources required for the standby site?

After installing or upgrading BMC Helix ITOM on the standby site, scale down the application pods to reduce the resource requirement during unused periods. 


What are the guidelines for upgrading the standby site?

You must first upgrade the primary site. After completing the first full backup on the primary site, you must upgrade the standby site.


What are the guidelines for upgrading the primary site?

No explicit steps are required for upgrading the primary site. However, it is mandatory to disable the backups before upgrading the primary site, because an upgrade might hamper the overall performance.
For more information, see Configuring-after-upgrade.


Is it mandatory to keep the standby site in the scale-down mode?

No, it is not mandatory to keep the standby site in the scale-down mode. 
Keeping the standby site in the scale-down mode will reduce the overall requirement of resources during unused periods.


How to scale down and scale up?

To scale up, go to helix-on-prem-deployment-manager/utilities/disaster-recovery/dr-scale and run the command ./product_scale.sh up .
To scale down, go to helix-on-prem-deployment-manager/utilities/disaster-recovery/dr-scale and run the command ./product_scale.sh down.
For more information, see Configuring-disaster-recovery.


Are there any prerequisites to enable replication?

Make sure that the secondary MinIO is reachable from the primary MinIO. Modify the minio and minio-api ingress as described in the “Replication from the primary site to the standby site” section in the Configuring-disaster-recovery topic.


How can I configure the replication of data from the primary to the standby site?

See “Replication from the primary site to the standby site” in the Configuring-disaster-recovery topic.


Can I replicate the data from MinIO to AWS S3?

For data replication, we leverage MinIO’s bucket replication feature because it supports replication to AWS S3.
Though it is possible to replicate the data to AWS S3, it is not explicitly tested by BMC.


How do I check that the replication of data is successful?

A simple check would be to validate that the object count or size present on both the primary and standby sites is the same. Detailed checks can be done by using the MinIO client.


Are there any prerequisites before running the restore process?

Before starting the restore process, it is important to make sure that the data is available in MinIO and that the standby site runs on the same version of BMC Helix ITOM as the primary site.
The restore process will validate the version before proceeding.


What are the steps required to perform the restore operation?

See Restoring-data-on-the-standby-site.


Should I scale down or scale up my site before running the restore process?

You don't need to perform manual scaling operations; the restore operation will handle it automatically.


My product version on the standby site is different from the primary site. Will I still be able to restore data?

No, both primary and standby sites must have the same version of BMC Helix ITOM.
If the version is different, the restore operation will not continue.


Should I keep the data in MinIO after the restore process is complete?

After a successful restore, you can delete data from MinIO to free up the space.


When can I start my backup on the standby site after it is restored?

You must enable backups on the standby site after the restore is complete.


What are the steps to fall back to the original primary site?

See Disaster-recovery-deployment.


Enablement



Does BMC offer installation and migration assistance?

Yes, for more information see Success Subscriptions.


Does BMC offer Education subscriptions for on-premises deployments?

Yes, see BMC Education Subscription ServicesBMC Helix On-Premises IT Operations Management Container Deployment: Essential Subscription, and BMC Helix On-Premises IT Service Management Container Deployment: Essential Subscription


Health check


How do I obtain the ITOM and Helix Portal (Common Services) Health Check Tool?

See, BMC Helix onprem installation health check tool.


Kubernetes


How is high availability achieved?

High availability is achieved through Kubernetes, which uses virtual services to load balance application pods across the cluster.

High availability is enabled for all but the compact sized deployments using multiple pods for each service.

For more information about system usage profiles, see Sizing-and-scalability-considerations.


What is the difference between an Nginx ingress controller (internal to the cluster) and a network load balancer (external to the cluster)?

The Nginx Ingress controller is used to route requests to the appropriate services and pods within the cluster. Network load balancing is used to distribute the load of incoming requests across multiple nodes.


Do the container images of the application provide a liveliness probe and a readiness probe?

Where appropriate both readiness and liveness probes are defined in BMC images.


Does BMC support any other Ingress controllers other than Ingress NGINX?

No, currently only Ingress NGINX is supported.


How are the logs managed?

BMC Helix Logging is not available if you install BMC Helix ITOM version 23.2.02 or upgrade to BMC Helix ITOM 23.2.02 from an earlier version.
For an alternate method to view logs, see Why is Helix Logging not available in ITOM Deployment version 23.2.02? .


Does the deployment use CI/CD pipelines?

BMC provides deployment software automation and does not support Webhooks or CI/CD pipelines.


Does BMC use "latest" tags in container images?

BMC does not use "latest" tags and uses versions wherever possible.


Does the container registry require access to the internet?

BMC software supports air-gapped deployments from a local registry which has been synchronized with the BMC containers.bmc.com.

For more information, see Setting-up-a-Harbor-registry-in-an-air-gapped-environment-and-synchronizing-it-with-BMC-DTR.


Does BMC set limits in the deployment, the DeploymentConfig, the StatefulSet, or the respective Kubernetes object used?

We set default requests and limits for all services. 


Migration


Can we migrate TSOM configurations to BMC Helix Operations Management?

Yes, seeConverting PATROL Agent Pconfig rules to Policy ManagmentMigrating TSOM Infrastructure Policies to BHOM with the bhompolicymigratorMigrating PATROL Agents from TSOM to BHOMManaging BHOM with the bhomadmin toolkit


Can we migrate TSOM Blackout Policies to BMC Helix Operations Management Blackout Policies?

Yes, you must do it manually.


Network


Are application DNS aliases required before running installation?

Yes, all DNS aliases must be set up before the installation and should resolve to the network load balancer.

For more information, see Load-balancer-requirements.


What type of load balancers has BMC tested?

For local testing purposes, we have used an F5 load balancer. 
You can use your existing vendor-specific load balancer. You must make sure the DNS resolution and lookups are working fine. 

For more information, see Load-balancer-requirements.


Is Static IP mandatory for the common services (ADE platform)?

The Static IP is a requirement for the common services and not for BMC Discovery. 
To get Static IP reach out to the in-house IT team to generate or assign for the environment.

The IP requirements are for the load balancer and the DNS. If we have a Static IP then making and maintaining configuration changes becomes less cumbersome when compared to maintaining a DHCP setup. 


What ports must be enabled for the Helix Platform?

See, Network-ports.


What firewall settings are required?

See, Network-ports


On-premises deployment


Where can I find the important configuration files for on-premises deployments?

See, Configuration-file-settings.



Where can I find sample configuration files for BMC Helix Operations Management?

See, Example-configuration-files-for-BMC-Helix-Operations-Management.


How do I change the encryption or decryption password?

Perform these steps if you forget the encryption password or if you need to change it:

  1. Delete the common/certs/secrets folder and its contents.
  2. Create the secrets.txt file with new passwords.
  3. Run the deployment manager again.
    Important
    If you do not delete the secrets folder and try to create a new secrets.txt file, the process fails with a message to delete the secrets folder.


Where can I find sample configuration files for BMC Helix Continuous Optimization?

See, Example-configuration-files-for-BMC-Helix-Continuous-Optimization.


Where can I find sample configuration files for BMC Helix Intelligent Automation?

See, Example-configuration-files-for-BMC-Helix-Intelligent-Automation.


Does BMC Helix on-premises support a single Helix Portal (Common Services) with ITSM and ITOM?

Yes, we do support a single Helix portal with BMC Helix ITSM and BMC Helix ITOM.

Please raise a case with BMC Support to help you confirm requirements.


Security


Should I update the default passwords after installation?

We recommend that you update default passwords for VMs, databases, and products to be compliant with your security policy to prevent any security issues. 


Does BMC perform security scans on their images before they release?

Yes, we do. However, if you find any subsequent security vulnerabilities, please raise a case with BMC support.


Do containers have a default users?

We use our own canonical container images which use a bmcuser in the majority of cases. We will not be able to align with the base container images used by customers as these can vary widely.

For data layer services (such as Kafka, Postgres, and ElasticSearch), we use Community Edition containers which include all default users and libraries. We might amend these images if we identify security exceptions but otherwise, they are unaltered.


Sizing


I am unsure about the sizing of the Helix on-premise platform. How do I get advice?

See, Sizing-and-scalability-considerations.


Software


How do I obtain access to the on-premises software?

Please contact the BMC Account Manager.


How do I download the deployment manager and container images?

See, Downloading-the-deployment-manager.


Does BMC Helix ITOM utilize Jenkins to deploy the product?

No, BMC Helix ITOM does not utilize Jenkins to deploy the product.


Does BMC provide Docker files for each container image?

No, we do not provide a Docker manifest for container images.


Can I use latest versions software for Kubernetes, Helm, and Docker?

Supported versions are detailed in the product documentation. You may encounter issues with unsupported versions.





 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*